For SpeakersPlease add your presentation to your session by attaching a pdf file to your session (under Manage Session > + Add Presentation). We will export these presentations daily and feature on the connect.linaro.org website here. Videos will be uploaded as we receive them (if the video of your session cannot be published please let us know immediately by emailing connect@linaro.org).

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Protecting key confidentiality is essential for many kernel security use-cases such as disk encryption, file encryption and protecting the integrity of file metadata. Trusted and encrypted keys provides a mechanism to export keys to user-space for storage as an encrypted blob and for the user-space to later reload them onto Linux keyring without the user-space knowing the encryption key. The existing Trusted Keys implementation relied on a TPM device but what if you are working on a system without one?

This session will introduce a Trusted Keys implementation which relies on a much simpler trusted application running in a Trusted Execution Environment (TEE) for sealing and unsealing of Trusted Keys using a hardware unique key provided by the TEE.

Currently working as part of Support and Solutions team, Linaro. Responsible for activities related to platform security like OP-TEE, trusted firmware, boot-loaders etc. Also responsible for tool-chain support activities. Contributed in various open source projects like OP-TEE, TF-A... Read More →